bump TLS buffer size to 64K.

Which should be enough for high-load connections.

And move the "used" field to the start of the record_t structure,
because most of the time we're only looking at the start of the
buffer.

diff --git a/src/include/tls-h b/src/include/tls-h
index 7bb994b3242fada0c99823e632ca63d99ebfc47f..d388c4ae3e1cf5c3f83f1d0a764481a0d1ce01a6 100644 (file)
--- a/src/include/tls-h
+++ b/src/include/tls-h
@@ -67,7 +67,7 @@ typedef enum {
 } fr_tls_status_t;
 extern FR_NAME_NUMBER const fr_tls_status_table[];
 
-#define MAX_RECORD_SIZE 16384
+#define MAX_RECORD_SIZE 65536
 
 /*
  *     A single TLS record may be up to 16384 octets in length, but a
@@ -89,8 +89,8 @@ extern FR_NAME_NUMBER const fr_tls_status_table[];
  *     or configure TLS not to exceed MAX_RECORD_SIZE.
  */
 typedef struct _record_t {
-       uint8_t data[MAX_RECORD_SIZE];
        size_t  used;
+       uint8_t data[MAX_RECORD_SIZE];
 } record_t;
 
 typedef struct _tls_info_t {